Mail Services

Information Services is responsible for the management of the campus-wide email infrastructure. We provide mail relaying, spam and virus filtering, Microsoft Exchange mailboxes, mailing lists, and more.

Microsoft Exchange Mailbox Hosting

We provide a fee-based mailbox-hosting service to approximately 4,500 users campus-wide. We do not provide account administration; that task is delegated to the Department Computer Administrator (DCA) for the department. If your department does not have a DCA to manage account and mailbox administration and support, you should consider using the Community Network service.

Billing and technical information can be found on our Microsoft Exchange Mailbox Hosting page.

NEW: Exchange Online Archiving

Exchange Online Archiving is an email storage option that has been implemented for Exchange accounts allowing messages to be quickly and easily archived to simplify mailbox quota management. This solution utilizes server-side storage that works in a similar manner to the traditional Personal Folders (PST) files most of us are used to. The advantage with this approach is that the archive is backed-up nightly, can have messages moved into it automatically, and is available within Webmail so it can be accessed from off campus. Information and instructions for using Exchange Online Archiving.

NEW: Internet Calendar Publishing for Exchange

This newly enabled feature on the Exchange servers gives individuals the ability to publish their calendar online. Once enabled people can see your current appointments via the web. This can be useful if you have a need for individuals on campus, off campus, or even people outside of the university to view your calendar. Learn how to publish your Exchange calendar online.

Email Lists (Mailman)

We host email lists for discussion, classes, information distribution, or any other use, so long as the purpose of the list is for OSU-related business. Additional information and list administration (such as creating and managing your lists) is available at lists.oregonstate.edu.

Campus Mail Relays

The campus mail relays handle most of the email coming into and leaving campus. The relays run Debian GNU/Linux with Postfix as the mail transport agent. These servers do spam and virus detection with a host of utilities including several RBLs, Amavis, SpamAssassin and ClamAV. These services are provided free of charge to all departments at OSU.

The maximum size limit for a message sent through the campus mail relays is 100Mb.

mail.oregonstate.edu

Any machine on campus that needs to send mail can use the host mail.oregonstate.edu as its outbound SMTP relay.

Hosts off-campus can also use mail.oregonstate.edu, but ONID authentication with SSL/TLS is required. The following email clients are known to support smtp auth: Outlook, Outlook Express, Eudora, Thunderbird and Mail.app. For more information on configuring email clients, please see the Helpdocs site.

smtp.oregonstate.edu

Mail servers on campus should route outbound mail through smtp.oregonstate.edu instead of mail.oregonstate.edu. We try to divide up our traffic so that spam or virus mail inadvertently sent from workstations doesn't cause our production mail servers to be blacklisted. Please don't use smtp.oregonstate.edu to relay mail from regular workstations.

Note: the smtp.oregonstate.edu servers are inaccessible from off-campus. This allows us to handle on-campus and off-campus mail differently.

relay.oregonstate.edu

Most inbound mail for campus passes through the relay.oregonstate.edu servers. If you would like to point an MX at relay.oregonstate.edu, please contact Network Engineering so that we can configure the necessary transport records.

Access Lists for Mail Servers

If you would like to configure a host to accept mail only from the campus mail servers, please allow the following IPs:

  • OSU Mail Relays:
    128.193.15.32/28

 

Mail Flow Diagram

The diagram below shows how mail flows at OSU.  Click on the diagram to see the full-sized image.

Note that emails from authenticated clients, on-campus clients, and OSU mail servers are only subject to anti-virus scanning. In contrast, messages from the Internet (cloud with angry eyes in the diagram) are subject to many more checks including RBLs, greylisting and SpamAssassin tagging.

When email messages leave the OSU network destined for the Internet, they are subject to anti-virus scanning, but are not otherwise hindered.

The "Client Rules" on the top-right of the picture show that email can also be filtered by the recipient.

Diagram showing email flow at OSU

Dealing With Spam at OSU

Network Engineering uses several tools to help keep spam from reaching your mailbox.

Greylisting

OSU implemented greylisting at the campus mail relays on October 30, 2007. At that time, statistics showed that greylisting reduced by over half the amount of spam that arrives in OSU email accounts.

Greylisting works by sending a temporary failure message on the first attempt of a unique combination of sender IP, sender and recipient. Legitimate, properly-configured mail servers deal with a temporary failure by queueing the message and resending later. (Resend times vary, but 15-30 minutes is typical.) On subsequent attempts to send a message, the greylisting server allows the message to be delivered.

Greylisting works as an effective method to prevent spam because spammers typically do not bother to queue mail. Rather they blast the spam out once and ignore delivery failures.

The downside of greylisting is that it may cause a legitimate message to be delayed (typically for about 30 minutes, although this depends on the configuration at the sending server). Messages may also appear to arrive out of order, as subsequent messages from the same sender are not delayed. This will only happen the first time that a new sender tries to send to a new recipient.

Sites that have implemented greylisting address these issues by building up a comprehensive whitelist. That is the approach we are taking as well. We have already whitelisted several sites that OSU communicates with on a daily basis. If there are sites that you are concerned about, please send us a list at net (at) oregonstate.edu, and we will add them to the whitelist.

NOTE: Greylisting does not apply to email sent within OSU.

Real-time Black Hole Lists (RBLs)

An RBL is a list of hosts that are known spammers or open relays (misconfigured mail servers). When we receive email from one of these sites, we bounce the message back to the sender explaining that they are in an RBL and providing directions to get delisted from it. We also block mail from dynamic IP ranges, because mail servers should never have a dynamic IP. Finally, we block mail from dialup users and cable modem users - these users must relay through their ISPs mail server rather than sending directly to us (a trick often used by spammers).

We use the following RBLs at OSU:

If you are having trouble receiving mail from another site because they are listed in one of these RBLs, please tell the person at the remote location to contact their e-mail administrator or ISP and give them the information in the bounce message that they received from OSU. Contact us at net(at)oregonstate.edu if the sending site is unable or unwilling to get delisted - we may be able to help them get delisted, or simply add them to the allow list.

OSU Block List

In addition to RBLs and greylisting, we maintain a custom block list for OSU. When we receive complaints about senders or hosts on the Internet spamming OSU addresses, we put in a static block for that site. Sometimes the block is a sender address (such as user@yahoo.com), or an IP address. In some cases we will block an entire domain name (e.g. everything @foo.com) or a block of IP addresses that seem to be in use by spammers.

Phish Detection

We treat messages that are detected as phish the same way that we treat virus emails: they are discarded at the mail relays. In addition, we block the reply-to address on phishing emails so that if anyone at OSU tries to reply to a phish, their message will not go to the phisher.  Users who have responded to a phish with their username and password will typically have their OSU account disabled, and will be asked to change their password. 

Despite our best efforts, some phishing emails still make it through. Please never send your password in email, and be careful with your personally identifiable information such as credit card numbers and social security number.

SpamAssassin Tagging

All messages coming into OSU from the Internet are tagged with SpamAssassin headers. These headers indicate the likelihood that a given message is spam. You can use these headers to filter mail that is likely spam into a junk folder. For more information, see the SpamAssassin page.

Microsoft Exchange Mailbox Hosting

Network Engineering provides a fee-based Microsoft Exchange mailbox hosting service to approximately 5,000 users campus-wide. This service includes:

  • Spam filtering
  • Anti-virus protection
  • Active Directory domain licensing for departments without a domain (FS_Mail or ONID)
  • Remote access via Outlook Web Access and POP/IMAP
  • Public folders
  • Tiered support team
  • 24x7 uptime, active monitoring via MOM and OpenNMS
  • Regular maintenance and upgrades
  • Production standards and scheduled maintenance windows
  • High availability configuration
  • Nightly full backups (for system disaster recovery only)
  • Retention of deleted mailboxes for 90 days
  • Retention of deleted mail items for 14 days

Permissions are delegated to the Department Computer Administrator (DCA), who is responsible for all account and mailbox administration and user support. DCAs have access to a full-time Exchange support person for help with everything from configuring clients to troubleshooting mail delivery problems.

Exchange Billing Information

We charge $2 per mailbox/month for mailboxes set to the default "prohibit send" limit. Current default limits are:

  • warning limit: 800,000 KB (800 MB)
  • prohibit send: 1,024,000 KB (1,000 MB/1 GB)

Mailboxes set to a higher quota are billed an additional $2 per 1,000MB (1GB) increment of the default "prohibit send" limit, e.g. a 2GB mailbox costs $4/month, a 3GB mailbox costs $6/month, and so on.

Resource mailboxes with a quota of 100MB are free.

We also provide access to the FS_Mail domain for groups who wish to use Exchange but do not maintain their own Active Directory domain. There is no charge for FS_Mail accounts.

Please note: Network Engineering does not provide account administration - that task is delegated to the DCA for the department. If your department does not have a person to manage account and mailbox administration and support, you should consider using the Community Network service.

ONID Class Email Groups

Excepting College of Business courses (see below), every course at OSU now has its own Exchange email address. These class addresses are actually email 'groups' and contain the ONID email address of every student in the course. An instructor can quickly and easily contact everyone currently enrolled in the class by sending an email to the course address and adding new members to the group.

On the first day of each term the email groups are automatically created from course lists in Banner. Instructors are automatically given permission to send and receive group email. By default, instructors are only allowed to send group email from their ONID email address.

Login & Help

Frequently Asked Questions

What if I don't know my ONID login name and password?
If you have never signed up for ONID, or have forgotten your ONID password, visit the ONID homepage. To sign up for ONID, click on the "Sign Up For ONID" link in the top left. To change a forgotten password, click on the "Change Password" link in the top left.

Why was my message to my class list rejected?
By default, only the instructor of a course can send to the list, and only from their ONID email address. If you are the instructor for a course and need to send to a list from another email address, click on the link above to manage your list. Login with your ONID credentials, and then add your other email address as a sender.

Why can't I add my email address as a sender?
Your email address must be in the Exchange Global Address Book in order for you to add it as an approved sender on your class list. Contact your Department Computer Administrator to get your email address added to the Exchange Global Address Book.

How do I remove a Sender that I added manually?
All senders that you have added manually are now displayed. You can remove one by clicking on the person's name.

How do I remove a Member that I added manually?
We have not implemented this feature yet, but we hope to make it available soon.

Where are the College of Business classes?
The College of Business uses a different process to create class groups. In order to avoid confusion, we are not creating ONID class groups for Business classes. If you are a Business instructor, please contact your college for more information about class groups.

I added my TA as a sender. Why don't they receive mail sent to the list?
Adding someone as a sender is not the same as adding them as a member. If you want someone to be able to send to a list AND receive mail sent to a list, add them as both a sender and a member.

Will the changes I make to my class groups now be saved for next term?
No. All group configuration changes and memberships are reset at the end of the term, because a given course may be taught by a different instructor in the next term. If you make custom changes to your class groups one term, you will need to make those changes again at the beginning of the next term.

Can I get a list of the members on my class lists?
The list memberships are hidden in the Exchange Global Address Book to protect student privacy. To obtain a list of members in your classes, visit Blackboard or the OSU Online Services page.

SpamAssassin

Oregon State University uses SpamAssassin to tag inbound email that appears to be spam. You can use these SpamAssassin tags to filter junk mail out of your mailbox.

Headers assigned by SpamAssassin

Example headers that you can filter on:

X-Spam-Flag: YES
X-Spam-Level: ********
(a # of stars indicating the likeliness that this is spam)

When creating a rule in your e-mail program to filter mail based on SpamAssassin tags, you have the choice of either using the "X-Spam-Flag" header, or the "X-Spam-Level" header. The X-Spam-Flag header will be set to YES whenever the message has a SpamAssassin score of 5 or higher. If you would like to catch messages with a score of 3 or more instead, you can create a rule that looks for this header:

X-Spam-Level: ***

How to use SpamAssassin

ONID Users

You can enable SpamAssassin by going to http://www.onid.orst.edu. Choose "Login to ONID", and click on "Manage Mail" after you have authenticated.

Microsoft Outlook 2000 & XP:

  • Note: Outlook XP requires you first create a "Blank Rule" and then all of the following apply.
  • Right-click on your "Inbox" and choose "New Folder". Name it "junk".
  • Click Tools then Rules Wizard.
  • A window should pop up, click New.
  • Choose "Check Messages When they Arrive" and click next.
  • Check the box for "With <Specific Words> in the Message header".
  • Click the "specific words" link and enter the following as its shown: X-Spam-Flag: YES
  • Click "move it to the specified folder".
  • Choose the "junk" folder you created in the first step and click OK.
  • Click "Finish" then OK. Your rule should now be set up. DO NOT CLICK NEXT.

Entourage

  • Click Tools then Rules.
  • Select Specific Header as the criteria.
  • Enter the desired trap for the headers.
       Example: X-Spam-Flag: YES Would filter any message that was tagged by our system as "Spam"
  • Click apply.

Eudora 5.X

  • Click on Tools then Filters
  • Click New
  • Highlight the 'untitled' rule you've just created
  • On the right, check Incoming and change HEADER to say <ny Header>
  • Find the pulldown menu that says contains, and change it to matches regexp (case insensitive)
  • Enter X-Spam-Flag: YES on the line next to it.
  • Set first action to Transfer To then Trash. Or any other folder you want to filter the spam to.
  • Set second action to Skip Rest
  • Close box, and say yes when asked to save filters.

Spam-identification tactics used by SpamAssassin

  • Header Analysis: spammers use a number of tricks to mask their identities, fool you into thinking they've sent a valid message, or fool you into thinking you must have subscribed at some stage. SpamAssassin tries to spot these.
  • Text Analysis: Spam messages often have a characteristic style (to put it politely), and some characteristic disclaimers and CYA text. SpamAssassin can spot these, too. For a list of the rules that SpamAssassin uses see SpamAssassin Tests.
  • Razor: Vipul's Razor is a collaborative spam-tracking database, which works by taking a signature of spam messages. Since spam typically operates by sending an identical message to hundreds of people, Razor short-circuits this by allowing the first person to receive a spam to add it to the database -- at which point everyone else will automatically block it.